60K BTC addresses leaked as LockBit ransomware gang gets hacked

Summary

Almost 60,000 Bitcoin addresses linked to LockBit's ransomware infrastructure have been leaked following a breach of the group's dark web affiliate panel. A MySQL database dump was shared online, containing information that could assist blockchain analysts in tracing illicit financial flows. LockBit is a prominent ransomware group known for demanding ransom payments in Bitcoin. In February 2024, a coalition of ten countries initiated an operation against LockBit, citing billions in damages to critical infrastructure. No private keys were leaked during the breach, as confirmed by LockBit personnel. The database included tables with individual ransomware builds and over 4,400 negotiation messages between victims and the group. Analysts noted a potential connection between this breach and the Everest ransomware incident, pointing to similarities in the messaging used. The leak highlights the role of cryptocurrency in ransomware operations and enables tracking of ransom payments and connections to known wallets.
